DOCSLIB.ORG

Towards a First Step to Understand the Cryptocurrency Stealing Attack on Ethereum

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Towards a First Step to Understand the Cryptocurrency Stealing Attack on Ethereum Towards a First Step to Understand the Cryptocurrency Stealing Attack on Ethereum Zhen Cheng1,2∗ Xinrui Hou2,4∗ Runhuai Li1,2 Yajin Zhou1,2† Xiapu Luo3 Jinku Li4 and Kui Ren1,2 1Zhejiang University 2Alibaba-Zhejiang University Joint Research Institute of Frontier Technologies 3The Hong Kong Polytechnic University 4Xidian University Abstract ured, will expose a JSON-RPC endpoint without any authen- tication mechanism enforced. As a result, they could be re- We performed the rst systematic study of a new attack on motely reached by attackers to invoke many privileged meth- Ethereum that steals cryptocurrencies. The attack is due to ods to manipulate the Ethereum account, on behalf of the the unprotected JSON-RPC endpoints existed in Ethereum account holder who is using the client 1. Though we have seen nodes that could be exploited by attackers to transfer the spot reports of stealing the Ether by hackers [11,15], there Ether and ERC20 tokens to attackers-controlled accounts. is no systematic study of such an attack. In order words, not This study aims to shed light on the attack, including mali- enough insights were provided on the attack. cious behaviors and prots of attackers. Specically, we rst designed and implemented a honeypot that could capture To this end, we performed a systematic study to under- real attacks in the wild. We then deployed the honeypot stand the cryptocurrency stealing attack on Ethereum. The and reported results of the collected data in a period of six purpose of our study is to shed lights on this attack, includ- months. In total, our system captured more than 308 mil- ing detailed malicious behaviors, attacking strategies, and lion requests from 1;072 distinct IP addresses. We further attackers’ prots. Our study is based on real attacks in the grouped attackers into 36 groups with 59 distinct Ethereum wild captured by our system. accounts. Among them, attackers of 34 groups were stealing Specically, we designed and implemented a system called the Ether, while other 2 groups were targeting ERC20 tokens. Siren. It consists of a honeypot that listens the default JSON- The further behavior analysis showed that attackers were RPC port, i.e., 8545, and accepts any incoming requests. To following a three-steps pattern to steal the Ether. Moreover, make our honeypot a reachable and valuable target, we reg- we observed an interesting type of transaction called zero gas ister it as an Ethereum full node on the Internet and prepare transaction, which has been leveraged by attackers to steal a real Ethereum account that has Ethers inside. In order to ERC20 tokens. At last, we estimated the overall prots of implement an interactive honeypot, we use a real Ethereum attackers. To engage the whole community, the dataset of cap- client (Go-Ethereum in our work) as the back-end. We then tured attacks is released on https://github.com/zjuicsr/eth- redirect all the incoming RPC requests to the back-end, ex- honey. cept for those that may cause damages to our honeypot. Our honeypot logs the information of the request, including the method that the attacker intends to invoke, and its parame- 1 Introduction ters. For instance, our honeypot logs account addresses that attackers intend to transfer the stolen Ether into. We call The Ethereum network [38] has attracted lots of attentions. these accounts as malicious accounts. We further crawl Users leverage this platform to transfer the Ether, the o- transactions from the Ethereum network and analyze them cial cryptocurrency of the network, or build DApps (decen- to identify suspicious accounts, which accept Ethers from tralized applications) using smart contracts. This, in turn, malicious accounts. Though we are unaware of real owners stimulates the popularity of the Ethereum network. of these accounts, they are most likely to be related to at- However, this popularity also attracts another type of tackers since transactions exist from malicious accounts to users, i.e., attackers. They exploit the insecure setting of them. We then estimate attackers’ prots by calculating the Ethereum clients, e.g., Go-Ethereum [7] and Parity [12], to income of malicious and suspicious accounts. steal cryptocurrencies. These clients, if not properly cong- ∗Co-rst authors with equal contribution. 1Note that, the RPC interface is intended to be used with proper authen- †Corresponding author. tication. USENIX Association 22nd International Symposium on Research in Attacks, Intrusions and Defenses 47 Findings We performed a detailed analysis on the data • We deployed our system and reported attacks observed in collected in a six-month period 2. Some ndings are in the a period of six months. following. • We reported various ndings based on the analysis of col- • Attacks captured During a six-month period, our lected data. The dataset is released to the community for system captured 308:66 million RPC requests from further study. 1;072 distinct IP addresses. Among these IP addresses, The rest of the paper is structured as the follows: we intro- 9 of them are considered as the main source of attacks, duce the background information in Section 2 and present since they count around 83:8% of all requests. One the methodology of our system to capture attacks in Sec- particular IP address 89.144.25.28 sent the most RPC tion 3. We then analyze the attack in Section 4 and estimate requests, with a record of 101:73 million requests in prots in Section 5, respectively. We discuss the limitation total. In order to hide their real IP addresses, attackers of our work in Section 6 and related work in Section 7. We were leveraging the Tor network [20] to launch attacks. conclude our work in Section 8. We also observed that some IP addresses of worldwide universities were probing our honeypot, though none of them were invoking methods to steal cryptocurren- 2 Background cies. Most of these IP addresses are from the PlanetLab nodes [13]. In this section, we will briey introduce the necessary back- ground about the Ethereum network [38] to facilitate the • Cryptocurrencies targeted We grouped attackers understanding of this work. based on IP addresses and target Ethereum accounts. These accounts are the ones that attackers transferred 2.1 Ethereum Clients and the JSON-RPC the stolen cryptocurrencies into. In total, attackers are grouped into 36 clusters with 59 distinct malicious An Ethereum node usually runs a client software. There exist accounts. Among them, attackers of 34 groups were several clients, e.g., Go-Ethereum and Parity. Both clients stealing the Ether, while other 2 groups were targeting support remote procedure call (RPC) through the standard ERC20 tokens. JSON-RPC API [4]. When these clients are being started with a special ag, they will listen a specic port (e.g., 8545), and ac- • Steal the Ether We observed that attackers were fol- cept RPC requests from any host without any authentication. lowing a three-steps pattern to steal the Ether. They After that, functions could be remotely invoked on behalf of rst probed potential victims, and then collected nec- the account holder of the client, including privileged ones to essary information to construct parameters. After that, send transactions (or transfer cryptocurrencies). Note that, they launch the attack, either passively waiting for the though the Ethereum network is a P2P network, attackers account being unlocked by continuously polling the can discover and reach vulnerable Ethereum nodes directly account state, or actively lunching a brute-force attack through the HTTP protocol. to crack the user’s password to unlock the account. 2.2 Ethereum Accounts • Steal ERC20 tokens Besides the Ether, attackers were also targeting ERC20 tokens. We observed a type On the Ethereum platform, there exist two dierent types of transaction called zero gas transaction, in which the of accounts. One is externally owned account (EOA), and sender of a transaction does not need to pay any trans- another one is smart contract account. An EOA account action fee. We nd that attackers were leveraging this can transfer the Ether, the ocial currency in Ethereum, type of transactions to steal tokens from sher accounts to another account. An EOA account can deploy a smart that intended to scam other users’ Ethers, and exploit- contract, which in turn creates another type of account, i.e., ing the AirDrop mechanism to gain numerous bonus the smart contract account. A smart contract is a program tokens. that executes exactly as it is set up to by its creator (the smart contract developer). In Ethereum, the smart contract Contributions In summary, this paper makes the follow- is usually programmed using the Solidity language [14], ing main contributions: and executes on a virtual machine called Ethereum Vir- tual Machine (EVM) [38]. Both types of accounts are de- • We designed and implemented a system that can capture noted in a hexadecimal format. For instance, the account ad- real attacks to steal cryptocurrencies through unprotected dress 0x6ef57be1168628a2bd6c5788322a41265084408a de- JSON-RPC ports of vulnerable Ethereum nodes. notes an (attacker’s) EOA account, while the address 0x87c9ea70f72ad55a12bc6155a30e047cf2acd798 denotes a 2The dataset is released on https://github.com/zjuicsr/eth-honey. smart contract. 48 22nd International Symposium on Research in Attacks, Intrusions and Defenses USENIX Association ERC20 tokens [1] are digital tokens designed and used on the Ethereum platform, which could be shared, exchanged for other tokens or real currencies, e.g., US dollars. The com- munity has created standards for issuing a new ERC20 token using the smart contract. For instance, the smart contract should implement a function called transfer() to transfer the token from one account to another, and a balanceOf() function to query the balance of the token. The values of ERC20 tokens vary for dierent tokens at dierent times.
Load more

Recommended publications
  • Evmpatch: Timely and Automated Patching of Ethereum Smart Contracts
    EVMPatch: Timely and Automated Patching of Ethereum Smart Contracts Michael Rodler Wenting Li Ghassan O. Karame University of Duisburg-Essen NEC Laboratories Europe NEC Laboratories Europe Lucas Davi University of Duisburg-Essen Abstract some of these contracts hold, smart contracts have become an appealing target for attacks. Programming errors in smart Recent attacks exploiting errors in smart contract code had contract code can have devastating consequences as an attacker devastating consequences thereby questioning the benefits of can exploit these bugs to steal cryptocurrency or tokens. this technology. It is currently highly challenging to fix er- rors and deploy a patched contract in time. Instant patching is Recently, the blockchain community has witnessed several especially important since smart contracts are always online incidents due smart contract errors [7, 39]. One especially due to the distributed nature of blockchain systems. They also infamous incident is the “TheDAO” reentrancy attack, which manage considerable amounts of assets, which are at risk and resulted in a loss of over 50 million US Dollars worth of often beyond recovery after an attack. Existing solutions to Ether [31]. This led to a highly debated hard-fork of the upgrade smart contracts depend on manual and error-prone pro- Ethereum blockchain. Several proposals demonstrated how to defend against reentrancy vulnerabilities either by means of cesses. This paper presents a framework, called EVMPATCH, to instantly and automatically patch faulty smart contracts. offline analysis at development time or by performing run-time validation [16, 23, 32, 42]. Another infamous incident is the EVMPATCH features a bytecode rewriting engine for the pop- ular Ethereum blockchain, and transparently/automatically parity wallet attack [39].
    [Show full text]
  • ARK​ ​​Whitepaper
    ARK Whitepaper ​ ​​ A Platform for Consumer Adoption ​ ​ ​ ​ ​ ​ ​ ​ v.1.0.3 The ARK Crew ARK Whitepaper v.1.0.3 ​ ​ ​ ​ ​ ​ ​ ​ Table Of Contents ​ ​ ​ ​ Overview………………………………………………………………...……………………………….……………….………………………………………………………….….3 ​ Purpose of this Whitepaper………………………………………………………………………………………………………………………..….……….3 ​ ​ ​ ​ ​ ​ ​ Why?…………………………………………………………………………………………………………………….…………………………………………………….…………..4 ​ ​ ARK…………………………………………………………………………………………………….……………….…………………………………………………………………..5 ​ ​ ARK IS………………………………………………………………………………………………....……………….………………………………………………………………..5 ​ ​ ​ ​ ARK: Technical Details……………………………………….…….…..…………………………...……………….………………...…………………………...6 ​ ​ ​ ​ ​ ​ - Delegated Proof of Stake…………………………….……………...………………………….……………………………………….………...…...6 ​ ​​ ​ ​ ​ ​ ​ ​ ​ - Hierarchical Deterministic (HD) Wallets ​ ​​ ​ ​ ​ ​ ​ ​ (BIP32)…………………………………………………….....…………………..…..8 ​ - Fees……………………………………………………………………………………………………………….……………….…...………………………………..……...8 ​ ​​ ​ - ARK Delegates and Delegate Voting.…………………………………………………………………………………...………………….9 ​ ​ ​ ​ ​ ​ ​ ​ ​ ​ - Bridged Blockchains (SmartBridges)....................………………………………………………………………….………...…….10 ​ ​​ ​ ​ ​ ​ ​ - POST ARK-TEC Token Distribution …………………..…………………………………….………………….………..……..…..……….11 ​ ​ ​ ​ ​ ​ ​ ​ ​ ​ - Testnet Release……………………………………………….…………………………………………………………………….………...….....12 ​ ​ ​ And Beyond?…………………………………………………………………….………...……………………………………….………………………...……….…12 ​ ​ ​ ​ Addendum 1: ARK IS…(Cont.)...……..……..…………....…..………...………………………………………...………………………......……12
    [Show full text]
  • Metamask Pre-Assignment
    MMS 562F: Tech Driven Transformation MetaMask Pre-Assignment Campbell R. Harvey Duke University and NBER February 2021 Setup • Metamask is a cryptocurrency wallet that is used to interface with the Ethereum-based Apps • We will be setting up this Wallet on your mobile device (iOS or Android only) – If you are unable to use a mobile device, the end of this deck has a web browser tutorial (Page 19) – If you already have MetaMask on your browser, the end of this deck has a tutorial to link your Web Account to the Mobile App (Page 25) Campbell R. Harvey 2021 2 Setup • Download the Metamask app from the App Store or Google Play Store • Click Get Started • Click Create a new wallet • Create a new account by typing in a password of your choosing and pressing “Create” • Go through the prompts to secure your wallet • Store Secret Backup Phrase in a secure location, ideally paper or a password manager – not on your phone or computer. • Type in secret backup phrase Campbell R. Harvey 2021 3 1 Using MetaMask 1. Network • This determines which Ethereum Network you are using. Click on this to see all network options in a 2 dropdown. For this class we will only discuss or use the Main Ethereum Network and the Ropsten Test Network. 3 Campbell R. Harvey 2021 4 1 Using MetaMask 1. Network • The Ethereum Mainnet is where live ether (ETH) with real value exists and is 2 used for payment and applications. I will refer to this as the “main network” or the “mainnet” 3 Campbell R.
    [Show full text]
  • Reputation Driven Dynamic Access Control Framework for Iot Atop Poa Ethereum Blockchain
    Reputation Driven Dynamic Access Control Framework for IoT atop PoA Ethereum Blockchain Auqib Hamid Lonea,∗, Roohie Naaza aDepartment of Computer Science and Engineering., NIT Srinagar, Jammu and Kashmir,India,190006 Abstract Security and Scalability are two major challenges that IoT is currently fac- ing. Access control to critical IoT infrastructure is considered as top security challenge that IoT faces. Data generated by IoT devices may be driving many hard real time systems, thus it is of utmost importance to guarantee integrity and authenticity of the data and resources at the first place itself. Due to heterogeneous and constrained nature of IoT devices, traditional IoT security frameworks are not able to deliver scalable, efficient and manage- able mechanisms to meet the requirements of IoT devices. On the other hand Blockchain technology has shown great potential to bridge the missing gap towards building a truly decentralized, trustworthy, secure and scalable environment for IoT. Allowing access to IoT resources and data managed through Blockchain will provide an additional security layer backed by the strongest cryptographic algorithms available. In this work we present a rep- utation driven dynamic access control framework for IoT applications based on Proof of Authority Blockchain, we name it as Rep-ACM. In Rep-ACM framework we build two major services, one for Reputation building (for bet- ter IoT device behaviour regulations) and other for Misbehaviour detection (for detecting any Misbehaviour on object resource usage). Both of these services work in coordination with other services of proposed framework to determine who can access what and under what conditions access should be granted.
    [Show full text]
  • Exploring the Interconnectedness of Cryptocurrencies Using Correlation Networks
    Exploring the Interconnectedness of Cryptocurrencies using Correlation Networks Andrew Burnie UCL Computer Science Doctoral Student at The Alan Turing Institute [email protected] Conference Paper presented at The Cryptocurrency Research Conference 2018, 24 May 2018, Anglia Ruskin University Lord Ashcroft International Business School Centre for Financial Research, Cambridge, UK. Abstract Correlation networks were used to detect characteristics which, although fixed over time, have an important influence on the evolution of prices over time. Potentially important features were identified using the websites and whitepapers of cryptocurrencies with the largest userbases. These were assessed using two datasets to enhance robustness: one with fourteen cryptocurrencies beginning from 9 November 2017, and a subset with nine cryptocurrencies starting 9 September 2016, both ending 6 March 2018. Separately analysing the subset of cryptocurrencies raised the number of data points from 115 to 537, and improved robustness to changes in relationships over time. Excluding USD Tether, the results showed a positive association between different cryptocurrencies that was statistically significant. Robust, strong positive associations were observed for six cryptocurrencies where one was a fork of the other; Bitcoin / Bitcoin Cash was an exception. There was evidence for the existence of a group of cryptocurrencies particularly associated with Cardano, and a separate group correlated with Ethereum. The data was not consistent with a token’s functionality or creation mechanism being the dominant determinants of the evolution of prices over time but did suggest that factors other than speculation contributed to the price. Keywords: Correlation Networks; Interconnectedness; Contagion; Speculation 1 1. Introduction The year 2017 saw the start of a rapid diversification in cryptocurrencies.
    [Show full text]
  • Ethereum Vs Ethereum Classic Which to Buy Update [06-07-2021] It Has Fully Compatibility with Solidity and Thus Ethereum Eco-System
    1 Ethereum vs Ethereum Classic Which to Buy Update [06-07-2021] It has fully compatibility with Solidity and thus Ethereum eco-system. It offers scalable and instantaneous transactions. It means that L2 projects are going to have a field day ahead with the increasing integrations and maturity of infrastructure around them. Therefore, it s the first entry in our top 5 Ethereum layer 2 projects list. Essentially it s a mixed PoW, PoS algorithm which it s purpose is to arrive one day to a PoS full implementation. Or will a completely new evolution of Ethereum be necessary to reach that level of transaction capacity. 380 transactions per block. Another important improvement is the next. More miners. Last week, the Ontario Securities Commission approved the launch of three ETFs that would offer investors direct exposure to Ether, the second-largest cryptocurrency by market capitalization after Bitcoin. 75 after May 31, the company said, plus applicable sales taxes. Management fees are not the only thing investors will need to pay. What to Know. Still, hopes of a technical adjustment called EIP ethereum improvement proposal 1559, which is expected to go live in July and is seen reducing the supply of ethereum, has provided a lift for the digital currency. Technically, ethereum is the blockchain network in which decentralized applications are embedded, while ether is the token or currency that enables or drives the use of these applications. It hit a record high of 3,610. Ethereum is well off its highs, though, so let s see if now is the time to make an investment.
    [Show full text]
  • Ethereum Vs. Bitcoin
    Ethereum vs. Bitcoin Creighton University Julianne Harm Josh Obregon Josh Stubbendick Contents Objectives ..................................................................................................................................................... 3 Comparing Bitcoin and Ethereum................................................................................................................. 3 The Future of Bitcoin and Ether ................................................................................................................... 6 Figure 1: Number of Bitcoin Transactions Per Day ............................................................................ 10 Recommended Investment Strategy............................................................................................................ 10 Figure 2: Standard Deviation of Portfolio ........................................................................................... 11 Projected Returns of the 5 Year Investment ............................................................................................... 11 Figure 3: Project Prices per unit (USD) .............................................................................................. 12 Figure 4: Projected Value ................................................................................................................... 12 Conclusion .................................................................................................................................................. 13 Works Cited
    [Show full text]
  • Package 'Ether'
    Package ‘ether’ January 25, 2020 Type Package Title Interaction with the 'Ethereum' Blockchain Version 0.1.6 Description Interacts with the open-source, public 'Ethereum' <https://www.ethereum.org/> blockchain. It provides a distributed computing platform via smart contracts. This package provides functions which interrogate blocks and transactions in the 'Ethereum' blockchain. License GPL-2 Encoding UTF-8 LazyData true Imports dplyr, httr, jsonlite, Rmpfr RoxygenNote 7.0.2 Suggests testthat, httptest NeedsCompilation no Author Andrew Collier [aut, cre] Maintainer Andrew Collier <[email protected]> Repository CRAN Date/Publication 2020-01-25 06:10:02 UTC R topics documented: as.ether . .2 as.finney . .3 as.gwei . .3 as.kwei . .3 as.mwei . .4 as.szabo . .4 dec_to_hex . .4 ether . .5 eth_accounts . .5 eth_blockNumber . .6 1 2 as.ether eth_coinbase . .6 eth_gasPrice . .7 eth_getBalance . .7 eth_getBlock . .8 eth_getBlockTransactionCountByHash . .9 eth_getBlockTransactionCountByNumber . .9 eth_getStorageAt . 10 eth_getTransactionByBlockHashAndIndex . 11 eth_getTransactionByBlockNumberAndIndex . 11 eth_getTransactionByHash . 12 eth_getTransactionCount . 13 eth_getTransactionReceipt . 13 eth_getUncleByBlockHashAndIndex . 14 eth_getUncleByBlockNumberAndIndex . 15 eth_getUncleCountByBlockHash . 15 eth_getUncleCountByBlockNumber . 16 eth_hashrate . 17 eth_mining . 17 eth_protocolVersion . 18 eth_syncing . 18 get_blocks . 19 get_rpc_address . 19 get_transactions . 20 hex_to_dec . 20 set_rpc_address . 21 web3_clientVersion . 21 web3_sha3 . 22 Index 23 as.ether Convert Wei to Ether. Description Convert Wei to Ether. Usage as.ether(wei) Arguments wei Number of Wei. as.finney 3 as.finney Convert Wei to Finney. Description Convert Wei to Finney. Usage as.finney(wei) Arguments wei Number of Wei. as.gwei Convert Wei to GWei. Description Convert Wei to GWei. Usage as.gwei(wei) Arguments wei Number of Wei. as.kwei Convert Wei to kWei. Description Convert Wei to kWei. Usage as.kwei(wei) Arguments wei Number of Wei.
    [Show full text]
  • An Organized Repository of Ethereum Smart Contracts' Source Codes and Metrics
    Article An Organized Repository of Ethereum Smart Contracts’ Source Codes and Metrics Giuseppe Antonio Pierro 1,* , Roberto Tonelli 2,* and Michele Marchesi 2 1 Inria Lille-Nord Europe Centre, 59650 Villeneuve d’Ascq, France 2 Department of Mathematics and Computer Science, University of Cagliari, 09124 Cagliari, Italy; [email protected] * Correspondence: [email protected] (G.A.P.); [email protected] (R.T.) Received: 31 October 2020; Accepted: 11 November 2020; Published: 15 November 2020 Abstract: Many empirical software engineering studies show that there is a need for repositories where source codes are acquired, filtered and classified. During the last few years, Ethereum block explorer services have emerged as a popular project to explore and search for Ethereum blockchain data such as transactions, addresses, tokens, smart contracts’ source codes, prices and other activities taking place on the Ethereum blockchain. Despite the availability of this kind of service, retrieving specific information useful to empirical software engineering studies, such as the study of smart contracts’ software metrics, might require many subtasks, such as searching for specific transactions in a block, parsing files in HTML format, and filtering the smart contracts to remove duplicated code or unused smart contracts. In this paper, we afford this problem by creating Smart Corpus, a corpus of smart contracts in an organized, reasoned and up-to-date repository where Solidity source code and other metadata about Ethereum smart contracts can easily and systematically be retrieved. We present Smart Corpus’s design and its initial implementation, and we show how the data set of smart contracts’ source codes in a variety of programming languages can be queried and processed to get useful information on smart contracts and their software metrics.
    [Show full text]
  • The Ethereum Classic Declaration of Independence Grammatical and Design Update: July 2019
    The Ethereum Classic Declaration of Independence grammatical and design update: july 2019 Let it be known to the entire world that on July 20th, 2016, at block 1,920,000, we as a community of sovereign individuals stood united by a common vision to continue the original Ethereum blockchain that is truly free from censorship, fraud or third party interference. In realizing, that the blockchain represents absolute truth, we stand by it, supporting its immutability and its future. We do not make this declaration lightly, or without forethought to the consequences of our actions. Looking Back It should be stated with great gratitude, that we acknowledge the creation of the Ethereum blockchain platform by the Ethereum Foundation and its founding developers. It certainly can be said without objection, that without their hard work and dedication that we as a community would not be, where we are today. From its inception, the Ethereum blockchain was presented as a decentralized platform for “applications that run exactly as programmed without any chance of fraud, censorship, or third-party interference”1. It provided a place for the free association of ideas and applications from across the globe without fear of discrimination, while also providing pseudonymity. In this decentralized platform, many of us saw great promise. List of Grievances It is however, with deep regret, that we as a community have had to spontaneously organize2 to defend the Ethereum blockchain platform from its founding members and organization due to a long train of abuses,
    [Show full text]
  • Arxiv:2003.14271V4 [Cs.LO] 20 Jul 2020 Ugs Oiiy Hc Uso H Teembokhi,Woenat Whose Blockchain, Ethereum the Ether on Runs Bank
    UTxO- vs account-based smart contract blockchain programming paradigms Lars Br¨unjes1 and Murdoch J. Gabbay2 1 IOHK 2 Heriot-Watt University, Scotland, UK Abstract. We implement two versions of a simple but illustrative smart contract: one in Solidity on the Ethereum blockchain platform, and one in Plutus on the Cardano platform, with annotated code excerpts and with source code attached. We get a clearer view of the Cardano pro- gramming model in particular by introducing a novel mathematical ab- straction which we call Idealised EUTxO. For each version of the con- tract, we trace how the architectures of the underlying platforms and their mathematics affects the natural programming styles and natural classes of errors. We prove some simple but novel results about alpha- conversion and observational equivalence for Cardano, and explain why Ethereum does not have them. We conclude with a wide-ranging and de- tailed discussion in the light of the examples, mathematical model, and mathematical results so far. 1 Introduction In the context of blockchain and cryptocurrencies, smart contracts are a way to make the blockchain programmable. That is: a smart contract is a program that runs on the blockchain to extend its capabilities. For the smart contract, the blockchain is just an abstract machine (database, if we prefer) with which it programmatically interacts. Basic design choices in the blockchain’s design can affect the the smart contract programming paradigm which it naturally supports, and this can have far-reaching consequences: differ- ent programming paradigms are susceptible to different programming styles, and different kinds of program errors.
    [Show full text]
  • Private Smart Contracts on Ethereum Enigma’S Vision
    Private Smart Contracts on Ethereum Enigma’s Vision Our mission is to create products and systems that accelerate the adoption and usability of decentralized technologies. Salad綾 is the user-friendly Ethereum mixer The Problem of Privacy Data on blockchains is public by default. This greatly limits potential applications. Our Pursuit Of Privacy “Decentralizing Privacy” - 2015 “Enigma: Decentralized Computation Platform with Guaranteed Privacy” - 2015 1,000+ combined citations These are from MIT Bitcoin Expo 2016! Enigma: A Protocol for Secure Computation Enigma enables decentralized applications to compute over encrypted data. Secret contracts use private computation methods to allow data inputs to remain hidden even from nodes. Enigma: Discovery The first network that publicly enables secret contracts. ● Permissionless network ● Secret state ● Proof of Stake ● Compatible with Ethereum ENIGMA STAKEHOLDERS Developers deploy dApps Users create tasks to use dApps Workers execute tasks DEVELOPERS build secret contracts Secret contracts are deployed to Enigma Developers write secret contracts Network in Rust, compiling to WASM - compatible with Web3 stack Ethereum blockchain A hash of the Secret contract is sent to the Enigma Contract on Ethereum USERS create tasks 1) Users interact with dApps by 3) The Task is sent to submitting encrypted data the Enigma Network using Enigma.js library - this creates “Tasks” 2) A hash of the Task is sent to the Enigma Contract on Ethereum (known as the “TaskID”) WORKERS execute tasks 1) Workers receive tasks
    [Show full text]